Criminal call centers and dating scams

Brian Krebs is where we turn our attention today. This former Washington Post investigative reporter is not very technical, but he is plugged into cybercriminal news and is usually one of the first to uncover data breaches like the Target retailer attack that companies try to keep secret. This week he reports the fascinating news that criminal gangs in Russia have outsourced translation and extortion services to call centers. Ransomware, for example, attacks people all over the world who speak hundreds of languages.  Russians cannot negotiate payment for all of that in Arabic, Turkish, German, etc.  So they have hired call centers to help shake down their victims. One normally thinks of overseas call centers as providing PC support for harried customers or explaining to someone how to use her new 50 inch LED TV. But companies like CallMeBaby extort hacking victims by charging $10 and more to negotiate the terms or unlocking their locked data files.

Of course the actual ransom in a ransomware attack is a lot more money than that. These multilingual operators also pose as legitimate businesses when a hacker has lured in someone via any of the multitude of frauds broadcast via phishing emails, such as the dating scheme we mention below.  Preying on people’s greed, lust, and fear, hackers entice people to hand over their credit card and account number to a third party who they victim recklessly trusts.

callmebaby call center

graphics source Krebs on Security

Lonely Hearts

Men have been swindled by dating services for decades, first appearing as prints ads when people actually read newspapers printed on paper. Russia, in particular, has long been an export market for foreign brides. Most of these are legitimate businesses. They provide a needed service: finding a match for someone who is looking for a bride and providing an opportunity for a woman to perhaps find a better life overseas. These marriage brokers act as a translators for mainly blond women who speak Russian, Ukrainian, or other language and work with the American or European to help the woman obtain visas to travel to the USA or other countries as someone’s wife or fiancee. For the USA, that process can take more than a year. But hackers have stepped into this market to rob the unwitting. They trap their victims via spam, phishing, and fake Russian-bride websites.

After weeks or months of back and forth communications, the lonely male is tricking into wiring money so that the Russian, Georgian, or Ukrainian beauty can pay the expenses of packing up her apartment and flying to the USA. En route the bride or fiancee reports that she is stranded somewhere and needs money to continue her trip, so the victim wires money again. To make this sound more legit fraudulent marriage brokers can include the mother in the streams of emails. But it sounds fairly legit already without much explanation as the mark can understand that the wanna-be bride living in a an remote region of Russia is looking for a better life in the wealthy USA. Various excuses are given why woman is unable to talk on the phone. Obviously one excuse would be that the broker says that she cannot speak English, which is usually true in genuine Russian-brides marriage businesses too. Or if the male insists, the marriage broker can find a pretty girl to answer the phone or Skype and pretend to be the lady who is seeking a foreign husband. This kind of business is outsourced too. Hackers whose speciality is phishing and setting up dishonest websites contract with marriage fraud businesses.

The two split the profits. There are even companies that advise these criminals how to deal with situations such as the would-be husband does not have any money so how can you get him to tap into his credit card. It is really pathetic that so much of what goes on on the internet today is dishonest and that most of the emails that are sent around the world are spam. No one likes to read offensive pornographic pitches, except those with such prurient interests. It’s also wrong that the Russian government lets these hackers and fraudsters operate without cracking down on these mafias. The best that a person can do to avoid all of this is to use anti-spam email, which is already built into systems like Gmail and Zoho mail. And for those in business it is important to provide ongoing security awareness training to their employees to teach them the dangers of phishing emails and fake websites.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal